﻿using Ganss.Xss;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

namespace WomanMotion.WebApi.Infrastructure.XSS
{
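    /// <summary>
    /// Sanitizes HTML strings through a single shared <see cref="HtmlSanitizer"/> instance
    /// whose allow-list is configured once in the static constructor.
    /// </summary>
    /// <remarks>
    /// The sanitizer is shared by every caller, so its allow-lists must not be modified after
    /// the static constructor has run. A tag, attribute or CSS property added at request time
    /// would widen the policy for all later requests.
    /// NOTE(review): the library documents Sanitize as safe for concurrent use as long as the
    /// configuration is left untouched. Confirm this for the package version in use.
    /// </remarks>
    public class XSSHelper
    {
        // readonly: the shared policy object cannot be swapped for a more permissive one later.
        private static readonly HtmlSanitizer _sanitizer;

        static XSSHelper()
        {
            _sanitizer = new HtmlSanitizer();

            // The allow-lists can be extended here if the product needs it, e.g. the tag
            // allow-list (AllowedTags) or the CSS property allow-list (AllowedCssProperties).
            // Every addition enlarges what user-supplied markup may contain, so review each one.

            // Attribute allow-list: "class" is not allowed by default and is enabled explicitly.
            // Caveat: user markup can then reference any CSS class the site already defines,
            // so class names that change layout or visibility become reachable from user content.
            _sanitizer.AllowedAttributes.Add("class");
        }

        /// <summary>
        /// Sanitizes an HTML fragment against the configured allow-list.
        /// </summary>
        /// <remarks>
        /// The result is meant to be placed in HTML element content. It is not an encoder for
        /// attribute values, script blocks or URLs; those contexts need their own encoding.
        /// </remarks>
        /// <param name="Htmlstring">The HTML fragment to sanitize. May be null or empty.</param>
        /// <returns>
        /// The sanitized markup, or an empty string when <paramref name="Htmlstring"/> is null or empty.
        /// </returns>
        public static string HtmlFilter(string Htmlstring)
        {
            // Give null/empty input a defined result instead of depending on how the parser treats it.
            if (string.IsNullOrEmpty(Htmlstring))
            {
                return string.Empty;
            }

            return _sanitizer.Sanitize(Htmlstring);
        }
    }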
}
